NGINX basic auth only for POST

Question

I'm settings up nginx to serve Mercurial repositories. It works when not using basic authentication at all, or when I use basic authentication all over.

What I want to do is to just use basic auth on POST requests, so anyone have pull access, but only authenticated users can push.

I tried the following,

if ($request_method = POST) { auth_basic "Restricted"; auth_basic_user_file /path/to/userfile }

However it complains about "auth_basic directive is not allowed here".

How can I solve this?

rcoup · Accepted Answer · 2018-02-15 13:11:45Z

You should use limit_except:

limit_except GET HEAD { auth_basic 'Restricted'; auth_basic_user_file /path/to/userfile; }

It works since nginx 0.8.48, in older versions there was a bug where fastcgi_pass was not inherited inside the limit_except block.

Stack Exchange Network

NGINX basic auth only for POST

1 Answer 1

You must log in to answer this question.

Linked

Hot Network Questions

NGINX basic auth only for POST

1 Answer 1

You must log in to answer this question.

Linked

Related

Hot Network Questions